Getting global-buffer-overflow every time i run pre-build chrome binary #644
Comments
|
setting env ASAN_OPTIONS=strict_memcmp=0 solved the issue. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I am getting following crash log every time i run pre-build chrome asan build binary(without loading any testcase)
==4140==ERROR: AddressSanitizer: global-buffer-overflow on address 0x014b0a2b at pc 0x014611fe bp 0xdeadbeef sp 0x0039e920 READ of size 13 at 0x014b0a2b thread T0
#0 0x1461216 in __asan_wrap_memcmp+0x296 (D:\BrowserFuzzers\win32-release-asan-win32-release-368319\asan-win32-release-368319\chrome.exe+0x6b1216)
#1 0x13a6e12 in crashpad::CrashReportDatabase::CallErrorWritingCrashReport::
Disarm C:\b\build\slave\Win_ASan_Release\build\src\third_party\crashpad\crashpad\third_party\getopt\getopt.cc:262
#2 0x13a7cfe in crashpad::getopt_long C:\b\build\slave\Win_ASan_Release\build\src\third_party\crashpad\crashpad\third_party\getopt\getopt.cc:410
#3 0x11f73dd in crashpad::HandlerMain C:\b\build\slave\Win_ASan_Release\build\src\third_party\crashpad\crashpad\handler\handler_main.cc:198
#4 0x11b4a8d in main C:\b\build\slave\Win_ASan_Release\build\src\chrome\app\chrome_exe_main_win.cc:160
#5 0x147c54a in __tmainCRTStartup f:\dd\vctools\crt\crtw32\startup\crt0.c:255
#6 0x77043379 in BaseThreadInitThunk+0x11 (C:\Windows\syswow64\kernel32.dll+0x7dd73379)
#7 0x779f9881 in RtlInitializeExceptionChain+0x62 (C:\Windows\SysWOW64\ntdll.dll+0x7dea9881)
#8 0x779f9854 in RtlInitializeExceptionChain+0x35 (C:\Windows\SysWOW64\ntdll.dll+0x7dea9854)
0x014b0a2b is located 53 bytes to the left of global variable ''
defined in '....\third_party\crashpad\crashpad\handler\handler_main.cc:175:8'
(0x14b0a60) of size 9 '' is ascii string 'database'
0x014b0a2b is located 0 bytes to the right of global variable '' defined in '....\third_party\crashpad\crashpad\handler\handler_main.cc:174:8'
(0x14b0a20) of size 11 '' is ascii string 'annotation'
SUMMARY: AddressSanitizer: global-buffer-overflow (D:\BrowserFuzzers\win32-release-asan-win32-release-368319\asan-win32-release-368319\chrome.exe+0x6b1216) in __asan_wrap_memcmp+0x296
Shadow bytes around the buggy address:
0x302960f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x30296100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x30296110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x30296120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0x30296130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f9 f9
=>0x30296140: f9 f9 f9 f9 00[03]f9 f9 f9 f9 f9 f9 00 01 f9 f9
0x30296150: f9 f9 f9 f9 00 00 01 f9 f9 f9 f9 f9 00 06 f9 f9
0x30296160: f9 f9 f9 f9 00 02 f9 f9 f9 f9 f9 f9 04 f9 f9 f9
0x30296170: f9 f9 f9 f9 05 f9 f9 f9 f9 f9 f9 f9 00 f9 f9 f9
0x30296180: f9 f9 f9 f9 01 f9 f9 f9 f9 f9 f9 f9 00 00 00 00
0x30296190: f9 f9 f9 f9 00 00 04 f9 f9 f9 f9 f9 00 07 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap right redzone: fb
Freed heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
Container overflow: fc
Array cookie: ac
Intra object redzone: bb
ASan internal: fe
Left alloca redzone: ca
Right alloca redzone: cb
==4140==ABORTING
The text was updated successfully, but these errors were encountered: